Merge pull request #13 from SciCompMod/audit2

Add create-by audit for scenario creation (again)

Author: NXXR

api/src/api/app/apis/scenarios_api.py

@@ -41,10 +41,18 @@
     response_model_by_alias=True,
 )
 async def create_scenario(
+    request: Request,
     scenario: Scenario = Body(None, description="")
 ) -> ID:
     """Create a new scenario to be simulated."""
-    return await controller.create_scenario(scenario)
+
+    # Tag creator info
+    scenario.creator_user_id = request.state.user.userId if request.state.user else None
+    scenario.creator_org_id = request.state.realm if request.state.realm else None
+    
+    return await controller.create_scenario(
+        scenario
+    )
 
 
 @router.delete(

api/src/api/app/controller/scenario_controller.py

@@ -61,7 +61,7 @@ class ScenarioController:
 
     async def create_scenario(
         self,
-        scenario: Optional[Scenario],
+        scenario: Optional[Scenario]
     ) -> ID:
         """Create a new scenario to be simulated."""
         if not scenario:

api/src/api/app/db/models.py

@@ -28,6 +28,8 @@ class Scenario(SQLModel, table=True):
     timestampSubmitted: Optional[datetime] = Field(default=None, nullable=True)
     timestampSimulated: Optional[datetime] = Field(default=None, nullable=True)
 
+    creatorUserId: Optional[uuid.UUID] = Field(default=None, nullable=True)
+    creatorOrgId: Optional[str] = Field(default=None, nullable=True)
 
 class ParameterDefinition(SQLModel, table=True):
     id: Optional[uuid.UUID] = Field(default_factory=uuid.uuid4, primary_key=True, nullable=False)

api/src/api/app/db/tasks.py

@@ -423,6 +423,8 @@ def scenario_create(scenario: Scenario) -> ID:
         percentiles=','.join([str(perc) for perc in scenario.percentiles]) if scenario.percentiles else '50',
         timestampSubmitted=datetime.now(),
         timestampSimulated=None,
+        creatorUserId=scenario.creator_user_id,
+        creatorOrgId=scenario.creator_org_id
     )
     with next(get_session()) as session:
         nested_dict = lambda: defaultdict(nested_dict)
@@ -536,6 +538,8 @@ def scenario_get_by_id(id: StrictStr) -> Scenario:
         percentiles=[int(perc) for perc in scenario.percentiles.split(',')] if scenario.percentiles else [50],
         timestampSubmitted=scenario.timestampSubmitted,
         timestampSimulated=scenario.timestampSimulated,
+        creator_user_id=str(scenario.creatorUserId),
+        creator_org_id=scenario.creatorOrgId
     )
 
 def scenario_get_all() -> List[ReducedScenario]:

api/src/api/app/middlewares/authentication_middleware.py

@@ -22,7 +22,7 @@ async def dispatch(self, request, call_next):
                 # async def get_user(request: Request):
                 #     return request.state.user
                 request.state.user = user
-
+                request.state.realm = realm
                 # (Optional) role check can be added
                 # if ['admin'] not in user.role:
                 #     raise HTTPException(

api/src/api/app/models/scenario.py

@@ -47,8 +47,9 @@ class Scenario(BaseModel):
     percentiles: Optional[List[StrictInt]] = Field(default=[50], description="List of available percentiles for this scenario", alias="percentiles")
     timestamp_submitted: Optional[datetime] = Field(default=None, alias="timestampSubmitted", description="Timestamp when the scenario was added/created")
     timestamp_simulated: Optional[datetime] = Field(default=None, alias="timestampSimulated", description="Timestamp when the scenario was finished simulating and data is available")
-    __properties: ClassVar[List[str]] = ["id", "name", "description", "startDate", "endDate", "modelId", "modelParameters", "nodeListId", "linkedInterventions", "percentiles", "timestampSubmitted", "timestampSimulated"]
-
+    creator_user_id: Optional[str] = Field(default=None, alias="creatorUserId", description="ID of the user who submitted the scenario")
+    creator_org_id: Optional[str] = Field(default=None, alias="creatorOrgId", description="ID of the organization the submitting user belongs to")
+    __properties: ClassVar[List[str]] = ["id", "name", "description", "startDate", "endDate", "modelId", "modelParameters", "nodeListId", "linkedInterventions", "percentiles", "timestampSubmitted", "timestampSimulated", "creatorUserId", "creatorOrgId"]
     model_config = {
         "populate_by_name": True,
         "validate_assignment": True,